Description
Hirschmann HiSecOS devices versions prior to 05.3.03 contain a buffer overflow vulnerability in the HTTPS login interface when RADIUS authentication is enabled that allows remote attackers to crash the device or execute arbitrary code by submitting a password longer than 128 characters. Attackers can exploit improper bounds checking in password handling to overflow a fixed-size buffer and achieve denial of service or remote code execution.
Published: 2026-04-03
Score: 9.3 Critical
EPSS: < 1% Very Low
KEV: No
Impact: Remote Code Execution and Denial of Service
Action: Immediate Patch
AI Analysis

Impact

A buffer overflow exists in the HTTPS login interface of Hirschmann HiSecOS devices when RADIUS authentication is used. The flaw arises when a password longer than 128 characters is submitted, overwhelming a fixed‑size buffer. An attacker can exploit this to crash the device or potentially execute arbitrary code, resulting in a denial of service or full compromise of the system. The weakness is a classic buffer overflow (CWE‑120).

Affected Systems

The vulnerability affects Hirschmann HiSecOS Classic Firewalls, including the EAGLE and EAGLE One variants, on all firmware releases prior to 05.3.03. Users of these devices should identify whether their firewall software predates that version and hence is susceptible.

Risk and Exploitability

The CVSS score of 9.3 labels this issue as critical. Although an EPSS score is not provided, the high severity and the remote nature of the attack suggest a reasonable likelihood of exploitation. It is not listed in the CISA KEV catalog, but it remains a high‑risk vulnerability because attackers can trigger it simply by attempting a login via HTTPS. The most probable attack vector is a remote attacker sending a login request with an excessively long password over an HTTPS session while RADIUS authentication is enabled.

Generated by OpenCVE AI on April 3, 2026 at 23:22 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply the vendor’s firmware update to version 05.3.03 or later. This patch removes the improper bounds checking in the password handler.
  • If upgrading immediately is not possible, disable RADIUS authentication on the HTTPS login interface or block HTTPS traffic to the device until a patch is applied. This prevents the overflowing input from reaching the vulnerable routine.
  • Monitor the system logs for repeated login attempts with unusually long passwords and alert any suspicious activity.

Generated by OpenCVE AI on April 3, 2026 at 23:22 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Tue, 07 Apr 2026 00:00:00 +0000

Type Values Removed Values Added
First Time appeared Belden
Belden hirschmann Eagle One
Belden hirschmann Hisecos
Vendors & Products Belden
Belden hirschmann Eagle One
Belden hirschmann Hisecos

Mon, 06 Apr 2026 16:45:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Fri, 03 Apr 2026 21:30:00 +0000

Type Values Removed Values Added
Description Hirschmann HiSecOS devices versions prior to 05.3.03 contain a buffer overflow vulnerability in the HTTPS login interface when RADIUS authentication is enabled that allows remote attackers to crash the device or execute arbitrary code by submitting a password longer than 128 characters. Attackers can exploit improper bounds checking in password handling to overflow a fixed-size buffer and achieve denial of service or remote code execution.
Title Hirschmann HiSecOS Buffer Overflow via HTTPS Login
Weaknesses CWE-120
References
Metrics cvssV3_1

{'score': 9.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H'}

cvssV4_0

{'score': 9.3, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N'}

Subscriptions

Belden Hirschmann Eagle One Hirschmann Hisecos
cve-icon MITRE

Status: PUBLISHED

Assigner: VulnCheck

Published:

Updated: 2026-04-06T15:29:16.419Z

Reserved: 2026-04-03T21:16:19.764Z

Link: CVE-2018-25237

cve-icon Vulnrichment

Updated: 2026-04-06T15:03:32.168Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2026-04-03T22:16:24.740

Modified: 2026-04-07T13:20:55.200

Link: CVE-2018-25237

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-04-06T22:22:06Z

Weaknesses